<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
// Authentication gate: when the session's loggedIn flag is loosely equal to 0
// (an unset key also compares equal to 0) and the including script has not
// defined $adminPage, the shared auth include is pulled in.
// NOTE(review): what auth.inc.php does (redirect, exit, login form) is not visible
// here. If it does not halt execution, the delete/edit handlers below still run
// for an unauthenticated request — confirm that it terminates the script.
// NOTE(review): $adminPage being set skips this check entirely; presumably the
// admin index has already authenticated the user in that case — confirm.
$sessionNotLoggedIn = ($_SESSION['loggedIn'] == 0);
if ($sessionNotLoggedIn && !isset($adminPage)) {
	include('../includes/auth.inc.php');
}




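// delete a comment
// The comment ID arrives in the query string. It is forced to an integer and
// formatted with %d, so the statement is safe regardless of how quote_smart()
// (defined elsewhere) treats numeric-looking input. Non-scalar or non-positive
// values are ignored instead of being sent to the database.
// NOTE(review): this is a state-changing action triggered by a plain GET link with
// no anti-CSRF token; moving it to a POST form carrying a per-session token would
// stop a third-party page from triggering deletions in a logged-in admin's browser.
// NOTE(review): die(mysql_error()) prints the raw database error to the browser.
if (isset($_GET['delete'])) {
	$deleteID = is_scalar($_GET['delete']) ? (int) $_GET['delete'] : 0;

	if ($deleteID > 0) {
		$sql = sprintf("DELETE FROM affiliSt_comments WHERE commentID = %d", $deleteID);
		mysql_query($sql, $databaseConnect) or die(mysql_error());
	}
}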







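// edit a comment
// Handles the POST from the "Edit Comment" form. Sets $error = 1 when a required
// field is missing; otherwise updates the row identified by editThisComment.
// NOTE(review): the form carries no anti-CSRF token, so a third-party page could
// submit this update (including approve = 1) from a logged-in admin's browser.
if (isset($_POST['editThisComment'])) {

	// name and comment text are required (empty() also rejects the string "0")
	if (empty($_POST['cm_name']) || empty($_POST['cm_comment'])) {
		$error = 1;

	} else {

		// optional fields may be absent from the request; default them rather than
		// reading an undefined index
		$cmEmail = isset($_POST['cm_email']) ? $_POST['cm_email'] : '';
		$cmLink  = isset($_POST['cm_link']) ? $_POST['cm_link'] : '';

		// approve is a flag: anything other than 1 is stored as 0
		$cmApprove = (isset($_POST['cm_approve']) && $_POST['cm_approve'] == 1) ? 1 : 0;

		// the row ID is forced to an integer so it can never carry SQL, whatever
		// quote_smart() (defined elsewhere) does with numeric-looking input
		$cmID = is_scalar($_POST['editThisComment']) ? (int) $_POST['editThisComment'] : 0;

		if ($cmID > 0) {
			// update the comment; the free-text values still go through quote_smart()
			$sql = sprintf("UPDATE affiliSt_comments SET name = %s, email = %s, link = %s, comments = %s, approve = %d WHERE commentID = %d",
					   quote_smart($_POST['cm_name']),
					   quote_smart($cmEmail),
					   quote_smart($cmLink),
					   quote_smart($_POST['cm_comment']),
					   $cmApprove,
					   $cmID);
			mysql_query($sql, $databaseConnect) or die(mysql_error());
		}

	}
}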






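// pagination
// rows shown per page
$limit = 50;
// total number of comments, used further down to build the page links
$totalrows = mysql_result(mysql_query("SELECT COUNT(commentID) FROM affiliSt_comments"),0);

// The page number comes from the query string. It is forced to an integer >= 1 so
// that the LIMIT offset built from it is always a non-negative number; a missing,
// non-numeric, zero or negative value falls back to the first page.
$page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int) $_GET['page'] : 1;
if ($page < 1) {
	$page = 1;
}

// PHP_SELF is derived from the request URL, so it must be HTML-escaped wherever
// it is written into the page.
$currentPage = $_SERVER["PHP_SELF"];

// offset of the first row of the requested page
$limitvalue = ($page - 1) * $limit;

// newest comments first; both LIMIT operands are integers at this point
$getCommentDetails = mysql_query("SELECT * FROM affiliSt_comments ORDER BY date DESC LIMIT $limitvalue, $limit");
// first row of the page (false when the page is empty)
$commentDetails = mysql_fetch_assoc($getCommentDetails);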
?>





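<?php
// Status banner for the edit handler: red when a required field was empty,
// green after an edit form was submitted without that error.
// $error is only assigned when validation fails, so it is tested with isset()
// to avoid reading an undefined variable on every other request.
if (isset($error) && $error == 1) {
	echo '<fieldset><strong style="color:red">ERROR: Fields must not be empty</strong></fieldset>';
} elseif (isset($_POST['editThisComment'])) {
	echo '<fieldset><strong style="color:green">Comment Edited</strong></fieldset>';
}
?>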




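<?php if (isset($_GET['edit'])) {

// Edit form for a single comment, selected by the "edit" query-string parameter.
// The ID is forced to an integer before it reaches the query or the hidden field,
// so it cannot carry SQL or markup.
$editID = is_scalar($_GET['edit']) ? (int) $_GET['edit'] : 0;

// Comment fields are stored input (presumably submitted by site visitors — confirm),
// so each one is HTML-escaped before being written into an attribute or element.
// ENT_SUBSTITUTE is used when the running PHP version defines it, so that a value
// containing an invalid byte sequence is not silently rendered as an empty string.
$escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

$sql = sprintf("SELECT * FROM affiliSt_comments WHERE commentID = %d", $editID);
$getEditCat = mysql_query($sql, $databaseConnect) or die(mysql_error());
// false when no row has this ID; the form is then rendered with empty fields
$editCat = mysql_fetch_assoc($getEditCat);
?>

<fieldset style="border: 1px solid green;">
<legend>Edit Comment</legend>
<form action="index.php?ad=cm" method="post" name="addLink">
<table cellpadding="4" cellspacing="0" border="0">
<tr>
<td>
<label for="cmName">Name:</label>
</td>
<td>
<input name="cm_name" type="text" id="cmName" class="adminInput" value="<?php echo htmlspecialchars($editCat['name'], $escFlags); ?>" />
</td>
</tr>
<tr>
<td>
<label for="cmEmail">Email:</label>
</td>
<td>
<input name="cm_email" type="text" id="cmEmail" class="adminInput" value="<?php echo htmlspecialchars($editCat['email'], $escFlags); ?>" />
</td>
</tr>
<tr>
<td>
<label for="cmLink">Link:</label>
</td>
<td>
<input name="cm_link" type="text" id="cmLink" class="adminInput"  value="<?php echo htmlspecialchars($editCat['link'], $escFlags); ?>" />
</td>
</tr>
<tr>
<td>
Comment On:
</td>
<td>
<?php echo htmlspecialchars($editCat['attachedID'], $escFlags); ?>
</td>
</tr>
<tr>
<td>
Website Section:
</td>
<td>
<?php echo htmlspecialchars($editCat['section'], $escFlags); ?>
</td>
</tr>
<tr>
<td>
Rating:
</td>
<td>
<?php echo htmlspecialchars($editCat['rating'], $escFlags); ?>
</td>
</tr>
<tr>
<td>
<label for="cmComment">Comments:</label>
</td>
<td>
<textarea name="cm_comment" rows="6" class="adminInput" id="cmComment"><?php echo htmlspecialchars($editCat['comments'], $escFlags); ?></textarea>
</td>
</tr>
<tr>
<td>
<label for="cmApprove">Approve This Comment?:</label>
</td>
<td>
Yes:
<input name="cm_approve" type="radio" id="cmApprove"
	<?php if ($editCat['approve'] == 1) {
	echo ' checked="checked" ';
	}
	?>  value="1" />
No:
<input name="cm_approve" type="radio" id="cmApproveNo"
	<?php if ($editCat['approve'] == 0) {
	echo ' checked="checked" ';
	}
	?> value="0" />
</td>
</tr>
</table>
<input type="hidden" name="editThisComment" value="<?php echo $editID; ?>" />
<input value="Edit Comment" type="submit" class="padSubmit" />
</form>
</fieldset>

<?php } ?>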











<fieldset>
<legend>Manage Comments</legend>

<table cellpadding="2" cellspacing="4" border="0">
<thead><strong>Colour Key</strong></thead>
<tr>
<td style="background-color:#ffffff; border:1px solid #cccccc;">&nbsp;&nbsp;</td>
<td>Comment Approved</td>
<td style="background-color:#eeeeee; border:1px solid #cccccc;">&nbsp;&nbsp;</td>
<td>Comment Not Approved</td>
</tr>
</table>

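<?php if ($commentDetails) {

// Comment fields are stored input (presumably submitted by site visitors — confirm),
// so every value is HTML-escaped before it is written into this admin page.
// ENT_SUBSTITUTE is used when the running PHP version defines it, so that a
// multi-byte character cut in half by substr() does not blank the whole excerpt.
$escFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
?>
<table cellpadding="6" cellspacing="0" border="0" width="100%">
<tr>
<th align="left" valign="top" style="white-space:nowrap">Name</th>
<th align="left" valign="top">Comment</th>
<th align="left" valign="top">Website Section</th>
<th align="left" valign="top" style="white-space:nowrap">Date Added</th>
<th align="left" valign="top">Edit/Delete</th>
</tr>
<?php do {

	// set tr background colour style: grey for unapproved, white for approved
	if ($commentDetails['approve'] == 0) {
	$trColour = '#eeeeee';
	} else {
	$trColour = '#ffffff';
	}

	$cmName = htmlspecialchars($commentDetails['name'], $escFlags);
	$cmID   = (int) $commentDetails['commentID'];

	// Only http(s) URLs are rendered as a clickable link; escaping alone does not
	// neutralise other URL schemes placed in an href. Anything else shows the
	// name as plain text.
	$cmLink      = trim($commentDetails['link']);
	$cmLinkIsWeb = (preg_match('#^https?://#i', $cmLink) === 1);

?>
<tr style="background-color:<?php echo $trColour; ?>">
<td align="left" valign="top" style="border-top:1px solid #cccccc;">
<?php if ($cmLinkIsWeb) { ?>
<a href="<?php echo htmlspecialchars($cmLink, $escFlags); ?>" target="_blank" rel="noopener noreferrer"><?php echo $cmName; ?></a>
<?php } else { echo $cmName; } ?>
</td>
<td align="left" valign="top" style="border-top:1px solid #cccccc;">
<?php echo htmlspecialchars(substr($commentDetails['comments'], 0, 150), $escFlags).'...'; ?>
</td>
<td align="left" valign="top" style="border-top:1px solid #cccccc;">
<?php echo htmlspecialchars($commentDetails['section'], $escFlags); ?>
</td>
<td align="left" valign="top" style="border-top:1px solid #cccccc;">
<?php echo date('d F Y', $commentDetails['date']); ?>
</td>
<td align="left" valign="top" style="border-top:1px solid #cccccc; white-space:nowrap">
[<a href="index.php?ad=cm&amp;edit=<?php echo $cmID; ?>">edit</a>] 
[<a href="index.php?ad=cm&amp;delete=<?php echo $cmID; ?>">delete</a>]
</td>
</tr>
<?php } while ($commentDetails = mysql_fetch_assoc($getCommentDetails)); ?>
</table>
<?php 

// page numbers: a trailing partial page counts as a full page
$numofpages = (int) ceil($totalrows / $limit);

if ($numofpages > 1) {

	// $page is treated as an integer here so only a number is ever echoed
	$pageNum = (int) $page;

	// $currentPage holds PHP_SELF, which is derived from the request URL, so it is
	// escaped before being placed in an href. The links target ad=cm, the same
	// section used by the form and the edit/delete links on this page; the
	// original pointed at ad=ld, which looks like a leftover from another admin
	// page — confirm.
	$pageBase = htmlspecialchars($currentPage, $escFlags) . '?ad=cm&amp;page=';

	echo('<div id="pagLinks">');
	
	// previous page link
	if ($pageNum != 1) {
		$pageprev = $pageNum - 1;
		echo('<a href="' . $pageBase . $pageprev . '">&lt; Prev</a> ');
	} else {
		echo('&lt; Prev ');
	}
	
	// one entry per page; the current page is shown without a link
	for ($i = 1; $i <= $numofpages; $i++) {
		if ($i == $pageNum) {
			echo($i . ' ');
		} else {
			echo('<a href="' . $pageBase . $i . '">' . $i . '</a> ');
		}
	}
	
	// next page link, only while rows remain beyond the current page
	if (($totalrows - ($limit * $pageNum)) > 0) {
		$pagenext = $pageNum + 1;
		echo('<a href="' . $pageBase . $pagenext . '">Next &gt;</a>');
	} else {
		echo('Next &gt;');
	}
	
	echo('</div>');
}

} ?>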
</fieldset>